fastcgi problem

Ed W lists at
Mon Feb 23 13:38:05 MSK 2009

Paul van der Linden wrote:
>>>         location / {
>>>            fastcgi_pass   localhost:8888;
>>>            fastcgi_index  moin.fcg;

Remember also that this will cause any .php (or whatever cgi) files
anywhere on the filesystem to be executed.  It seems to be a pretty
common error for nginx PHP setups to use something like the above AND
also allow arbitrary named file uploads.  If the user of the php
application can cause some file to be uploaded with a .php extension
then point to it's disk path then the file will be executed.

Ed W

More information about the nginx mailing list